<%#
kind: provision
name: AutoYaST SLES default
model: ProvisioningTemplate
oses:
- SLES
-%>
<%
  os_major = @host.operatingsystem.major.to_i
  os_minor = @host.operatingsystem.minor.to_i
  # safemode renderer does not support unary negation
  pm_set = @host.puppetmaster.empty? ? false : true
  aio_enabled = host_param_true?('enable-puppetlabs-puppet5-repo') || host_param_true?('enable-puppet5')
  puppet_enabled = pm_set || host_param_true?('force-puppet')
  salt_enabled = host_param('salt_master') ? true : false
  sles_minor_string = (os_minor == 0) ? '' : "_SP#{os_minor}"
  spacewalk_enabled = host_param('spacewalk_host') ? true : false

  primary_interface_identifier = @host.primary_interface.identifier.blank? ? 'eth0' : @host.primary_interface.identifier
  primary_interface_subnet = @host.primary_interface.subnet
-%>
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE profile>
<profile xmlns="http://www.suse.com/1.0/yast2ns" xmlns:config="http://www.suse.com/1.0/configns">
  <general>
    <mode>
      <confirm config:type="boolean">false</confirm>
      <final_reboot config:type="boolean">true</final_reboot>
    </mode>
  </general>
  <networking>
    <dns>
      <hostname><%= @host.name %></hostname>
<% unless primary_interface_subnet.dhcp_boot_mode? -%>
      <dhcp_hostname config:type="boolean">false</dhcp_hostname>
      <dhcp_resolv config:type="boolean">false</dhcp_resolv>
<% if @host.domain -%>
      <domain><%= @host.domain -%></domain>
<% end -%>
<% unless primary_interface_subnet.dns_servers.empty? -%>
      <nameservers config:type="list">
<% primary_interface_subnet.dns_servers.each do |nameserver| -%>
        <nameserver><%= nameserver %></nameserver>
<% end -%>
      </nameservers>
<% end -%>
<% else -%>
      <resolv_conf_policy>auto</resolv_conf_policy>
<% end -%>
<% if @host.domain -%>
      <searchlist config:type="list">
        <search><%= @host.domain %></search>
      </searchlist>
<% end -%>
    </dns>
    <interfaces config:type="list">
<%
  @host.managed_interfaces.each do |interface|
    next if !interface.managed? || interface.subnet.nil? || interface.ip.nil?
    dhcp = interface.subnet.dhcp_boot_mode?
-%>
<% if dhcp -%>
      <interface>
        <bootproto>dhcp</bootproto>
        <device><%= interface.primary ? primary_interface_identifier : interface.identifier -%></device>
        <startmode>auto</startmode>
        <usercontrol>no</usercontrol>
      </interface>
<% else -%>
      <interface>
        <bootproto>static</bootproto>
        <device><%= interface.primary ? primary_interface_identifier : interface.identifier -%></device>
        <ipaddr><%= interface.ip -%></ipaddr>
        <netmask><%= interface.subnet.mask -%></netmask>
        <startmode>onboot</startmode>
        <usercontrol>no</usercontrol>
      </interface>
<% end -%>
<% end -%>
    </interfaces>
<% unless primary_interface_subnet.dhcp_boot_mode? -%>
    <routing>
      <routes config:type="list">
        <route>
          <destination>default</destination>
          <device><%= primary_interface_identifier -%></device>
          <gateway><%= primary_interface_subnet.gateway -%></gateway>
          <netmask><%= primary_interface_subnet.mask -%></netmask>
        </route>
      </routes>
    </routing>
<% end -%>
  </networking>
<% if os_major >= 15 -%>
  <ntp-client>
    <ntp_policy>auto</ntp_policy>
    <ntp_servers config:type="list">
      <ntp_server>
        <address><%= host_param('ntp-server') || '0.opensuse.pool.ntp.org' %></address>
        <iburst config:type="boolean">false</iburst>
        <offline config:type="boolean">true</offline>
      </ntp_server>
    </ntp_servers>
    <ntp_sync>15</ntp_sync>
  </ntp-client>
<% else -%>
  <ntp-client>
    <configure_dhcp config:type="boolean">false</configure_dhcp>
    <peers config:type="list">
      <peer>
        <address><%= host_param('ntp-server') || '0.opensuse.pool.ntp.org' %></address>
        <initial_sync config:type="boolean">true</initial_sync>
        <options></options>
        <type>server</type>
      </peer>
    </peers>
    <start_at_boot config:type="boolean">true</start_at_boot>
    <start_in_chroot config:type="boolean">true</start_in_chroot>
  </ntp-client>
<% end -%>
<% if ! @dynamic -%>
  <%= @host.diskLayout %>
<% end -%>
  <runlevel>
    <default>3</default>
    <services config:type="list">
      <service>
        <service_name>sshd</service_name>
        <service_status>enable</service_status>
      </service>
    </services>
  </runlevel>
  <software>
<% if os_major >= 15 -%>
    <products config:type="list">
      <product>SLES</product>
    </products>
    <patterns config:type="list">
      <pattern>enhanced_base</pattern>
    </patterns>
<% else -%>
    <patterns config:type="list">
      <pattern>Minimal</pattern>
    </patterns>
<% end -%>
    <packages config:type="list">
      <package>lsb-release</package>
      <package>openssh</package>
<% if puppet_enabled -%>
<% if aio_enabled -%>
      <package>puppet-agent</package>
<% else -%>
      <package>rubygem-puppet</package>
<% end -%>
<% end -%>
<% if spacewalk_enabled -%>
      <package>rhn-setup</package>
<% end -%>
    </packages>
  </software>
  <users config:type="list">
    <user>
      <username>root</username>
      <encrypted config:type="boolean">true</encrypted>
      <fullname>root</fullname>
      <gid>0</gid>
      <home>/root</home>
      <shell>/bin/bash</shell>
      <uid>0</uid>
      <user_password><%= root_pass %></user_password>
    </user>
  </users>
  <scripts>
<% if @dynamic -%>
    <pre-scripts config:type="list">
      <script>
        <debug config:type="boolean">true</debug>
        <filename>pre_disklayout</filename>
        <interpreter>shell</interpreter>
        <source><![CDATA[
<%= @host.diskLayout %>
]]>
        </source>
      </script>
    </pre-scripts>
<% end -%>
    <chroot-scripts config:type="list">
      <script>
        <filename>cp-resolv.sh</filename>
        <chrooted config:type="boolean">false</chrooted>
        <interpreter>shell</interpreter>
        <notification>Copying resolv.conf into chroot ...</notification>
        <source><![CDATA[
cp /etc/resolv.conf /mnt/etc
]]>
        </source>
      </script>
      <script>
        <filename>foreman.sh</filename>
        <chrooted config:type="boolean">true</chrooted>
        <interpreter>shell</interpreter>
        <notification>Setting up Puppet / Foreman ...</notification>
        <source><![CDATA[
/bin/hostname <%= @host.name %>

<%= snippet('remote_execution_ssh_keys') %>

<%= snippet "blacklist_kernel_modules" %>

<% if spacewalk_enabled -%>
<%= snippet 'redhat_register' %>
<% end -%>

<% if puppet_enabled -%>
<%= snippet 'puppet_setup' %>
<% end -%>

<% if salt_enabled %>
<%= snippet 'saltstack_setup' %>
<% end -%>

<% if @host.respond_to?(:bootdisk_build?) && @host.bootdisk_build? %>
eject -v
<% end -%>

<%= snippet 'built' %>

rm /etc/resolv.conf
]]>
        </source>
      </script>
    </chroot-scripts>
  </scripts>
  <keyboard>
    <keymap>english-us</keymap>
  </keyboard>
  <timezone>
    <hwclock>UTC</hwclock>
    <timezone><%= host_param('time-zone') || 'Etc/UTC' %></timezone>
  </timezone>
  <add-on>
    <add_on_products config:type="list">
<% if os_major >= 15 && host_param('sle-module-basesystem-url') -%>
      <listentry>
        <media_url><%= host_param('sle-module-basesystem-url') %></media_url>
        <product_dir>/Module-Basesystem</product_dir>
        <product>sle-module-basesystem</product>
      </listentry>
  <% if os_minor >= 1 && host_param('sle-module-basesystem-url') -%>
      <listentry>
        <media_url><%= host_param('sle-module-basesystem-url') %></media_url>
        <product_dir>/Module-Python2</product_dir>
        <product>sle-module-python2</product>
      </listentry>
  <% end -%>
<% end -%>
<% if puppet_enabled -%>
<% if host_param_true?('enable-puppetlabs-puppet6-repo') || host_param_true?('enable-puppetlabs-puppet5-repo') -%>
<%
  puppet_repo_url_base = 'http://yum.puppet.com'
  if host_param_true?('enable-puppetlabs-puppet6-repo')
    puppet_repo_url = "#{puppet_repo_url_base}/puppet6/sles/#{os_major}/#{@host.architecture}/"
  elsif host_param_true?('enable-puppetlabs-puppet5-repo')
    puppet_repo_url = "#{puppet_repo_url_base}/puppet5/sles/#{os_major}/#{@host.architecture}/"
  end
%>
    <listentry>
        <media_url><![CDATA[<%= puppet_repo_url %>]]></media_url>
        <name>puppet</name>
        <product>puppet</product>
        <product_dir>/</product_dir>
        <signature-handling>
          <accept_non_trusted_gpg_key>
            <all config:type="boolean">false</all>
            <keys config:type="list">
              <keyid>7F438280EF8D349F</keyid>
            </keys>
          </accept_non_trusted_gpg_key>
          <import_gpg_key>
            <all config:type="boolean">false</all>
            <keys config:type="list">
              <keyid>7F438280EF8D349F</keyid>
            </keys>
          </import_gpg_key>
        </signature-handling>
      </listentry>
<% else -%>
      <listentry>
        <media_url><![CDATA[http://download.opensuse.org/repositories/systemsmanagement:/puppet/SLE_<%= os_major %><%= sles_minor_string %>/]]></media_url>
        <name>systemsmanagement_puppet</name>
        <product>systemsmanagement_puppet</product>
        <product_dir>/</product_dir>
        <signature-handling>
          <accept_non_trusted_gpg_key>
            <all config:type="boolean">false</all>
            <keys config:type="list">
              <keyid>2ABFA143A0E46E11</keyid>
            </keys>
          </accept_non_trusted_gpg_key>
          <import_gpg_key>
            <all config:type="boolean">false</all>
            <keys config:type="list">
              <keyid>2ABFA143A0E46E11</keyid>
            </keys>
          </import_gpg_key>
        </signature-handling>
      </listentry>
<% if os_major < 12 -%>
      <listentry>
        <media_url><![CDATA[http://download.opensuse.org/repositories/devel:languages:ruby:backports/SLE_<%= os_major %><%= sles_minor_string %>/]]></media_url>
        <name>devel_languages_ruby_backports</name>
        <product>devel_languages_ruby_backports</product>
        <product_dir>/</product_dir>
        <signature-handling>
          <accept_non_trusted_gpg_key>
            <all config:type="boolean">false</all>
            <keys config:type="list">
              <keyid>9AF0C9A20E9AF123</keyid>
            </keys>
          </accept_non_trusted_gpg_key>
          <import_gpg_key>
            <all config:type="boolean">false</all>
            <keys config:type="list">
              <keyid>9AF0C9A20E9AF123</keyid>
            </keys>
          </import_gpg_key>
        </signature-handling>
      </listentry>
      <listentry>
<!-- you have to update the next line with the actual URL of your SDK -->
        <media_url>http://<your_server_here>/iso/suse/SDK/<%= os_major %>.<%= os_minor %>/<%= @host.architecture %>/</media_url>
        <product>SuSE-Linux-SDK</product>
        <product_dir>/</product_dir>
        <name>SuSE-Linux-SDK</name>
      </listentry>
<% end -%>
<% end -%>
<% end -%>
<% if salt_enabled -%>
      <listentry>
        <media_url><![CDATA[http://download.opensuse.org/repositories/devel:languages:python/SLE_<%= os_major %><%= sles_minor_string %>/]]></media_url>
        <name>devel_languages_python</name>
        <product>devel_languages_python</product>
        <product_dir>/</product_dir>
        <signature-handling>
          <accept_non_trusted_gpg_key>
            <all config:type="boolean">false</all>
            <keys config:type="list">
              <keyid>27163A4EEDF0D733</keyid>
            </keys>
          </accept_non_trusted_gpg_key>
          <import_gpg_key>
            <all config:type="boolean">false</all>
            <keys config:type="list">
              <keyid>27163A4EEDF0D733</keyid>
            </keys>
          </import_gpg_key>
        </signature-handling>
      </listentry>
<% end -%>
<% if spacewalk_enabled -%>
      <listentry>
        <media_url><![CDATA[http://download.opensuse.org/repositories/systemsmanagement:/spacewalk/SLE_<%= os_major %><%= sles_minor_string %>/]]></media_url>
        <name>systemsmanagement_spacewalk</name>
        <product>systemsmanagement_spacewalk</product>
        <product_dir>/</product_dir>
        <signature-handling>
          <accept_non_trusted_gpg_key>
            <all config:type="boolean">false</all>
            <keys config:type="list">
              <keyid>2ABFA143A0E46E11</keyid>
            </keys>
          </accept_non_trusted_gpg_key>
          <import_gpg_key>
            <all config:type="boolean">false</all>
            <keys config:type="list">
              <keyid>2ABFA143A0E46E11</keyid>
            </keys>
          </import_gpg_key>
        </signature-handling>
      </listentry>
<% end -%>
    </add_on_products>
  </add-on>
</profile>
